pinentry-curses segfault (ssh-agent emulation)
I have pinentry-curses working wth no problems for gpg keys - but trying to use ssh-agent emulation in gpg-agent segfaults:
1 alpine-DE kern.info kernel: [182850.518381] pinentry-curses[31123]: segfault at 66d11b108 ip 00007f736d3507ad sp 00007ffdbfc94b88 error 6 in ld-musl-x86_64.so.1[7f736d32d000+88000]
this gives the following error in gnupg:
[+] GPG mode set, signing passphrase acquired via gpg-agent
sign_and_send_pubkey: signing failed: agent refused operation
Permission denied (publickey).
Couldn't read packet: Connection reset by peer
the gpg key is acquired correctly - but not the ssh key.
using the vanilla kernel gives the same result.
I used the following settings in my ~/.profile
# Set GPG TTY
chown $USER:tty $(tty)
export GPG_TTY=$(tty)
# Start the gpg-agent if not already running
#### /bin/pgrep with -u option requires procps pkg ####
if ! /bin/pgrep -x -u "${USER}" gpg-agent >/dev/null 2>&1; then
## gpg-connect-agent /bye >/dev/null 2>&1
eval $(gpg-agent --daemon --enable-ssh-support --sh)
## gpg-connect-agent updatestartuptty /bye
fi
# Set SSH to use gpg-agent
unset SSH_AGENT_PID
if [ "${gnupg_SSH_AUTH_SOCK_by:-0}" -ne $$ ]; then
export SSH_AUTH_SOCK="${HOME}/.gnupg/S.gpg-agent.ssh"
fi
I received the error above whether I:
(1) explicitly start gpg-agent with ssh support (as shown above)
OR
(2) start with gpg-connect-agent (#commented out above) + enable-ssh-support in ~/.gnupg/gpg-agent.conf
using gpg-agent just for gpg keys & ssh-agent just for ssh keys works
fine
—————————————————————————————————————
I also noticed with procps installed you need to give the full path /bin/pgrep or the busybox pgrep will be used
(from redmine: issue id 7249, created on 2017-04-27)